What were the world’s most important computer viruses? (Part 2)

Part 2 of our list of the world’s most important computer viruses (see part one here) features serious computer malware, designed specifically to damage computers and commit cyber crimes.

If any article scares you into ensuring your computer security is up-to-date, then this is it. Read on…

ILOVEYOU (2000)

Widely considered one of the worst worms ever, ILOVEYOU (also known as Love Letter) attacked tens of millions of Windows computers from May 2000. ILOVEYOU’s name was coined, and fame bolstered by, the malicious way it distributed itself: by pretending to be a message of love.

The malware spread via emails with the subject line ILOVEYOU, which included the attachment LOVE-LETTER-FOR-YOU.txt.vbs. Back in 2000, most Windows computers hid the “.vbs” extension of files, so unwitting computer uses thought LOVE-LETTER-FOR-YOU was a genuine sign of affection from a friend. In fact, it was most destructive virus in the world.

Opening the attachment activated the malware, which spread to the first 50 email addresses in users’ address books and also overwrote image files stored on the system. Can you imagine having your entire photo library destroyed?

The outbreak is estimated to have caused damages of $5-8 billion around the world, while the Pentagon, CIA and British Parliament all shutdown their email systems to avoid the infection.

Storm Worm (2007)

From Morris and Melissa to “Storm Worm”, between the late nineties to the present day, computer malware got both serious and organised. The Storm Worm infected anywhere between 1 to 50 million computers, using them remotely to create the biggest SPAM network of its time.

According to some reports, Storm Worm was rumoured to be responsible for sending 20% of all emails worldwide in 2007, before it faded away in late 2008.

The Storm Worm marked the first time that a major virus used emotive news-based email subjects to get attention, including “230 dead as storm batters Europe”. People assumed their friends were forwarding details of a lethal (and real) European storm, and not a piece of malicious malware.

In the end, the creators of Storm Worm were never discovered.

Mydoom (2004)

Mydoom could be considered the first major virus that disguised itself as a computer error message. Mydoom pretended to be an “email not delivered” message, and because no virus had previously disguised itself in this way, millions of users were fooled into downloading the attached, malware-filled file.

Once users opened the attachment, Mydoom would email itself (of course) to friends, and also move itself to any P2P sharing folders on the computer. In the end, it caused $38billion of damage worldwide.

Interestingly, Mydoom contained the message, “andy; I’m just doing my job, nothing personal, sorry”. Important message, or just more SPAM?

Netsky (2004)

Netsky was a computer worm written by 18-year-old German Sven Jaschan, proving that young people making silly computer decisions is not a phenomena developed in the last few years.

His Netsky worm was unique because it was one of the first to taunt other malware writers, and featured insults for the author of Mydoom. In some cases, Netsky even successfully removed Mydoom from infected computers.

The German authorities arrested Jaschan after a tip-off from a classmate, who received a $250,000 bounty from Microsoft for information about the outbreak. Jaschan himself received four fines of under $1,000 each, three years probation and 30 hours community service in a retirement home.

Flame (2012)

Discovered by accident in 2012, the Flame virus is considered Stuxnet’s bigger, more terrifying brother. For a start, it’s over 20mb in size – or the size of six songs. This is huge for malware, which is usually minimised in order to make it easy to spread via email. Stuxnet, for example, is just a few hundred kilobytes – about a tenth of a song.

Scarily, it’s still not fully understood what those 20mb are programmed to do. Security researchers understand that it steals information, including audio, screen capture, information from password fields and information about near-by bluetooth devices. The rest of its powers? Unknown.

Most Flame infections are found in Iran, suggesting that like Stuxnet, the virus is also targeted at the Middle East, and therefore most of us are safe. For now…